package com.zhiyi.coco.filter;

import com.zhiyi.coco.entity.SysUser;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * 自定义一个拦截器，验证用户权限，判断用户权限是否正常
 * 如果正常，放请求过去
 */
public class CheckUserResourceFilter implements HandlerInterceptor {
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object o) throws Exception {
        //request是请求，在请求中包含请求地址
        String url = request.getRequestURI();
        //request还能获取session
        SysUser u = (SysUser) request.getSession().getAttribute("user");
        //判断用户是否拥有权限
        if(u.getResources().contains(url)){
            return true;
        }
        return false;
    }

    @Override
    public void postHandle(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, ModelAndView modelAndView) throws Exception {

    }

    @Override
    public void afterCompletion(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, Object o, Exception e) throws Exception {

    }
}
